Date: Sat, 5 Oct 1996 08:23:14 +0900 (JST)
From: Michael Hancock <michaelh@cet.co.jp>
To: Garrett Wollman <wollman@lcs.mit.edu>
Cc: current@freebsd.org
Subject: Re: Immutable flags (was: Re: WARNING: botched ld.so commit! :-()
Message-ID: <Pine.SV4.3.93.961005075253.29020A-100000@parkplace.cet.co.jp>
In-Reply-To: <9610041429.AA18858@halloran-eldar.lcs.mit.edu>

On Fri, 4 Oct 1996, Garrett Wollman wrote:
> <<On Fri, 4 Oct 1996 09:48:10 +0900 (JST), Michael Hancock <michaelh@cet.co.jp> said:
>
> >> sysctl -w kern.securelevel=0 #in /etc/rc.local
>
> > How many daemons are running by the time you get to this line?
>
> > This isn't satisfactory, I don't want the -1 to 0 window, full stop.
>
> THERE IS NO OPERATIONAL DIFFERENCE BETWEEN -1 AND 0. Period.

There's a difference when you initialize it and this is different from
securelevel operational mode when in multi-user mode.

> The ONLY difference is in what /sbin/init does AFTER /etc/rc is finished
> executing. This is all documented in the init(8) man page; there is
> no excuse for you not reading it.

The man pages don't tell me anything about when this happens.

> -1 Permanently insecure mode - always run system in level 0 mode.
>
> 0 Insecure mode - immutable and append-only flags may be turned off.
> All devices may be read or written subject to their permissions.

Added part you deleted.

1 Secure mode - immutable and append-only flags may not be
changed; disks for mounted filesystems, /dev/mem, and /dev/kmem
are read-only.

2 Highly secure mode - same as secure mode, plus disks are always
read-only whether mounted or not. This level precludes tampering
with filesystems by unmounting them, but also inhibits running
newfs(8) while the system is multi-user.

I initialize securelevel to 0 if I want securelevel 1 as the operational
mode for multi-user.

>
> Normally, the system runs in level 0 mode while single user and in level
> 1 mode while multiuser. If the level 2 mode is desired while running
> multiuser, it can be set in the startup script /etc/rc using sysctl(8).

Normally, but not FreeBSD. It does this ...

If it is desired to run the system in level 0 mode while multiuser,
the administrator must build a kernel with the variable securelevel
defined in the file /sys/compile/MACHINE/param.c and initialize it to
-1.

Originally, 4.4BSD just didn't initialize securelevel, so it went into
.bss and was zfod'ed by the system. FreeBSD hardcodes it to permanently
insecure.

Regards,
Mike
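
An added illustration, not part of the original message and not FreeBSD code: a shell model of the boot sequence discussed above, using the level definitions quoted from the man page plus the init(8) rule that a running system can raise the level but not lower it. The function names are hypothetical, and levels are passed as arguments instead of being read with sysctl(8).

```shell
#!/bin/sh
# Added illustration: a model of kern.securelevel during boot, not FreeBSD code.
# Function names are hypothetical; levels are arguments, not read via sysctl(8).

# Model of a sysctl write made from /etc/rc: a level may be raised, not lowered.
# Prints the level in force after the attempted write.
apply_write() {
    cur=$1; req=$2
    if [ "$req" -ge "$cur" ]; then
        printf '%s\n' "$req"
    else
        echo "write of $req refused at level $cur" >&2
        printf '%s\n' "$cur"
    fi
}

# Model of init once /etc/rc has finished: only level 0 is promoted to 1.
# -1 is left alone, and so is anything rc already raised above 0.
init_multiuser() {
    if [ "$1" -eq 0 ]; then printf '1\n'; else printf '%s\n' "$1"; fi
}

# boot_final_level COMPILED_DEFAULT [LEVEL_WRITTEN_IN_RC ...]
boot_final_level() {
    level=$1; shift
    for req in "$@"; do
        level=$(apply_write "$level" "$req")
    done
    init_multiuser "$level"
}

# Constructed scenarios: compiled-in default, then the writes made from rc.
for scenario in "-1" "-1 0" "0" "0 2"; do
    # Word splitting of $scenario is intentional here.
    printf 'default and rc writes: %-5s -> multi-user level %s\n' \
        "$scenario" "$(boot_final_level $scenario)"
done
```

In this model a kernel built with -1 stays at -1 unless a startup script writes 0 or higher, and everything started before that write runs while the level is still -1.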
